Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-05-22 07:41:20 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

- implemented DH protocol for PFS encryption in distant chat between GXS ids.

Browse source 
- changed format of keyId in rstlvkeys.{h,cc}, but kept the serialisation for backward compatibility (A #define needs to be removed to fix it for good). Updated rsrecogn, rsmsgitems, gxssecurity accordingly
- added "chat peer" in IdDialog to help testing distant chat.

Distant chat works and is now encrypted. The GUI still needs some smoothing: display of correct peer names
in chat window, remove the need to add a message in p3chatservice.cc:3217 to force poping up the chat window.

- added MsgAddress class to handle generic address types while keeping type separation in Messages. Not used yet.



git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7403 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2014-06-12 10:28:23 +00:00
parent 114352c0d6
commit 80f4401e88
21 changed files with 720 additions and 182 deletions
Download patch file Download diff file Expand all files Collapse all files

9
libretroshare/src/gxs/gxssecurity.cc
View file

@ -33,7 +33,7 @@
* #define GXS_SECURITY_DEBUG 1
***/
static std::string getRsaKeyFingerprint(RSA *pubkey)
static RsGxsId getRsaKeyFingerprint(RSA *pubkey)
{
int lenn = BN_num_bytes(pubkey -> n);
int lene = BN_num_bytes(pubkey -> e);
@ -51,7 +51,7 @@ static std::string getRsaKeyFingerprint(RSA *pubkey)
assert(Sha1CheckSum::SIZE_IN_BYTES >= CERTSIGNLEN) ;
return s.toStdString().substr(0,2*CERTSIGNLEN);
return RsGxsId(s.toStdString().substr(0,2*CERTSIGNLEN));
}
static RSA *extractPublicKey(const RsTlvSecurityKey& key)
@ -151,7 +151,7 @@ bool GxsSecurity::getSignature(const char *data, uint32_t data_len, const RsTlvS
if(!rsa_pub)
{
std::cerr << "GxsSecurity::validateSignature(): Cannot validate signature. Keydata is incomplete." << std::endl;
std::cerr << "GxsSecurity::getSignature(): Cannot create signature. Keydata is incomplete." << std::endl;
return false ;
}
EVP_PKEY *key_pub = EVP_PKEY_new();
@ -171,7 +171,7 @@ bool GxsSecurity::getSignature(const char *data, uint32_t data_len, const RsTlvS
EVP_PKEY_free(key_pub);
sign.signData.setBinData(sigbuf, siglen);
sign.keyId = privKey.keyId;
sign.keyId = RsGxsId(privKey.keyId);
return ok;
}
@ -183,6 +183,7 @@ bool GxsSecurity::validateSignature(const char *data, uint32_t data_len, const R
if(!rsakey)
{
std::cerr << "GxsSecurity::validateSignature(): Cannot validate signature. Keydata is incomplete." << std::endl;
key.print(std::cerr,0) ;
return false ;
}
EVP_PKEY *signKey = EVP_PKEY_new();

22
libretroshare/src/gxs/rsgenexchange.cc
View file

@ -268,7 +268,7 @@ void RsGenExchange::generatePublicFromPrivateKeys(const RsTlvSecurityKeySet &pri
publickeySet = RsTlvSecurityKeySet() ;
RsTlvSecurityKey pubkey ;
for(std::map<std::string, RsTlvSecurityKey>::const_iterator cit=privatekeySet.keys.begin(); cit != privatekeySet.keys.end(); ++cit)
for(std::map<RsGxsId, RsTlvSecurityKey>::const_iterator cit=privatekeySet.keys.begin(); cit != privatekeySet.keys.end(); ++cit)
if(GxsSecurity::extractPublicKey(cit->second,pubkey))
publickeySet.keys.insert(std::make_pair(pubkey.keyId, pubkey));
}
@ -284,7 +284,7 @@ uint8_t RsGenExchange::createGroup(RsNxsGrp *grp, RsTlvSecurityKeySet& privateKe
// find private admin key
RsTlvSecurityKey privAdminKey;
std::map<std::string, RsTlvSecurityKey>::iterator mit = privateKeySet.keys.begin();
std::map<RsGxsId, RsTlvSecurityKey>::iterator mit = privateKeySet.keys.begin();
bool privKeyFound = false; // private admin key
for(; mit != privateKeySet.keys.end(); mit++)
@ -497,7 +497,7 @@ int RsGenExchange::createMsgSignatures(RsTlvKeySignatureSet& signSet, RsTlvBinar
RsTlvSecurityKeySet& keys = grpMeta.keys;
RsTlvSecurityKey* pubKey;
std::map<std::string, RsTlvSecurityKey>::iterator mit =
std::map<RsGxsId, RsTlvSecurityKey>::iterator mit =
keys.keys.begin(), mit_end = keys.keys.end();
bool pub_key_found = false;
for(; mit != mit_end; mit++)
@ -704,10 +704,10 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSecu
{
RsTlvKeySignature sign = metaData.signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH];
std::map<std::string, RsTlvSecurityKey>& keys = grpKeySet.keys;
std::map<std::string, RsTlvSecurityKey>::iterator mit = keys.begin();
std::map<RsGxsId, RsTlvSecurityKey>& keys = grpKeySet.keys;
std::map<RsGxsId, RsTlvSecurityKey>::iterator mit = keys.begin();
std::string keyId;
RsGxsId keyId;
for(; mit != keys.end() ; mit++)
{
RsTlvSecurityKey& key = mit->second;
@ -719,7 +719,7 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSecu
}
}
if(!keyId.empty())
if(!keyId.isNull())
{
RsTlvSecurityKey& key = keys[keyId];
publishValidate &= GxsSecurity::validateNxsMsg(*msg, sign, key);
@ -1940,7 +1940,7 @@ void RsGenExchange::processGroupDelete()
bool RsGenExchange::checkKeys(const RsTlvSecurityKeySet& keySet)
{
typedef std::map<std::string, RsTlvSecurityKey> keyMap;
typedef std::map<RsGxsId, RsTlvSecurityKey> keyMap;
const keyMap& allKeys = keySet.keys;
keyMap::const_iterator cit = allKeys.begin();
bool adminFound = false, publishFound = false;
@ -2011,7 +2011,7 @@ void RsGenExchange::publishGrps()
// find private admin key
RsTlvSecurityKey privAdminKey;
std::map<std::string, RsTlvSecurityKey>::iterator mit_keys = privatekeySet.keys.begin();
std::map<RsGxsId, RsTlvSecurityKey>::iterator mit_keys = privatekeySet.keys.begin();
bool privKeyFound = false;
for(; mit_keys != privatekeySet.keys.end(); mit_keys++)
@ -2569,8 +2569,8 @@ bool RsGenExchange::updateValid(RsGxsGrpMetaData& oldGrpMeta, RsNxsGrp& newGrp)
RsTlvKeySignature adminSign = mit->second;
std::map<std::string, RsTlvSecurityKey>& keys = oldGrpMeta.keys.keys;
std::map<std::string, RsTlvSecurityKey>::iterator keyMit = keys.find(oldGrpMeta.mGroupId.toStdString());
std::map<RsGxsId, RsTlvSecurityKey>& keys = oldGrpMeta.keys.keys;
std::map<RsGxsId, RsTlvSecurityKey>::iterator keyMit = keys.find(RsGxsId(oldGrpMeta.mGroupId));
if(keyMit == keys.end())
{